Interesting new dns failures

Gadi Evron ge at
Tue May 22 21:16:18 UTC 2007

On Tue, 22 May 2007, David Ulevitch wrote:


> These questions, and more (but I'm biased to DNS), can be solved at the 
> edge for those who want them.  It's decentralized there.  It's done the 
> right way there.  It's also doable in a safe and fail-open kind of way.
> This is what I'm talking about.


> > After all, nobody's security being affected by the edge of some end-user
> > machine on the other side of the world is irrelevant to my edge
> > security. FUSSP.
> > 
> > DNS abuse is mostly not an edge issue.
> I disagree. DNS is the enabler for many many issues which are edge 
> issues.  (Botnets, spam, etc)

There you did it, you said the B word. Now all the off-topic screamers
will flame. :)

Botnets, spam, etc. are symptoms, and DNS is abused to help them
along. DNS abuse, i.e. abuse of DNS, is a DNS issue.

David, we agree - just talking of similar issues which are.. different.


More information about the NANOG mailing list